A Secure BYOD Strategy

Wireless devices are making their presence felt in every business. From smartphones and touch screen tablets to handheld video conferencing tools and traditional laptops, these devices enable employees to perform critical business functions at any time and any location.

That’s why more companies are embracing Bring Your Own Device (BYOD) strategies, enabling employees to choose their tools and, in some cases, move completely away from devices like desk phones and desktop PCs—both long considered to be indispensable.

But if businesses are not careful, BYOD can quickly turn into “bring your own difficulties,” inviting a wide range of security issues. The challenge is to control access without limiting employee flexibility or creating an onerous management burden for IT.

Organizations know that employees’ personal mobile devices are getting onto their networks, but according to a recent study by the SANS Institute, only nine percent of organizations surveyed were “fully aware” of the devices accessing their networks, and only 50 percent were “vaguely or fairly” aware. (Learn more about the SANS study at http://www.sans.org/press/first-annual-survey-webcast.php.)

Many mobile devices support 802.1X (an IEEE standard for port-based Network Access Control), though often it is not enabled. Also, many smaller companies without the IT resources find it too onerous to configure their networks to control access via 802.1X.

One way to solve the BYOD challenge is to centralize management of your access, authentication and security controls. A centralized, standards-based policy server that can be deployed over any underlying network infrastructure allows administrators to quickly and easily add devices from a central hub and even assign multiple devices to a single user.

A centralized solution gives you full visibility into who has accessed the network based on a combination of user identity, device type and location. If an employee brings a new device, it can be validated by comparing the user credentials and device attributes against corporate directories. Network access can then be granted to all resources or limited to select ones.

A centralized approach simplifies the process of providing guests wireless Internet access. For large events such as conferences or expos, enterprise staff can administer guest policies in bulk, eliminating the need to manually set guest preferences and rules. To ensure that guests don’t outstay their welcome, these credentials automatically expire at a specified date and time.
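The decision a central policy server makes, as described in the two paragraphs above, can be sketched as follows. This is an added example, not code from this post or from any Avaya product; the directory entries, policy rules, names and the rule that unregistered employee devices are denied are all constructed assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, timezone

# Constructed sample directory: user -> role and registered devices (MAC -> type).
DIRECTORY = {
    "asmith": {"role": "employee",
               "devices": {"a4:5e:60:11:22:33": "laptop",
                           "f0:99:b6:44:55:66": "phone"}},
    "guest-expo-017": {"role": "guest", "devices": {},
                       "expires": datetime(2024, 5, 10, 18, 0, tzinfo=timezone.utc)},
}

# Constructed policy: (role, device type, location, resources); "*" is a wildcard.
POLICY = [
    ("employee", "laptop", "*", {"intranet", "file-shares", "internet"}),
    ("employee", "phone", "hq", {"email", "internet"}),
    ("employee", "phone", "*", {"internet"}),
    ("guest", "*", "*", {"internet"}),
]

@dataclass
class Request:
    user: str
    authenticated: bool  # outcome of the credential check (e.g. via 802.1X)
    mac: str
    location: str
    now: datetime

def decide(req: Request) -> set:
    """Return the resources granted; an empty set means deny."""
    entry = DIRECTORY.get(req.user)
    if entry is None or not req.authenticated:
        return set()
    role = entry["role"]
    if role == "guest":
        if req.now >= entry["expires"]:
            return set()        # guest credential has expired
        device_type = "*"       # guest devices are not registered
    else:
        device_type = entry["devices"].get(req.mac.lower())
        if device_type is None:
            return set()        # assumption: unknown device is denied until added
    for p_role, p_dev, p_loc, resources in POLICY:
        if p_role == role and p_dev in ("*", device_type) and p_loc in ("*", req.location):
            return resources    # first matching rule wins
    return set()
```

A MAC address stands in for the device attributes here for brevity; because it can be spoofed, it should not be the only device check in a real deployment.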

Avaya provides a range of centralized security capabilities through its Identity Engines portfolio of security solutions. Many of these capabilities have traditionally been limited to large enterprise installations, but now much smaller organizations are taking advantage of them by implementing them on networks with the Avaya Ethernet Routing Switch (ERS) 3500, a compact Ethernet switch designed exclusively for small and midsize enterprises and remote branches.

About Vic Levinson
Telecommunications and IT professional with over 20 years experience in Business Telecommunications. Specializing in voice over IP (VoIP) for business: hosted VoIP, business VoIP phone systems, SIP providers, carriers, T1's - the works. Founded Prime Telecommunications in 1993 and providing business communications solutions. Cloud Applications- everything from hosted network security, hosted Disaster Recovery, hosted printer management, data centers and colocation solutions for businesses.
